TechTaffy

tech:

taffy

Operation Ghost Click: FBI Dismantles International Criminal Ring

By TechTaffy Desk

Six Estonian nationals have been arrested and charged with running a sophisticated Internet fraud ring that infected millions of computers worldwide with a virus. Users of infected machines were unaware that their computers had been compromised—or that the malicious software rendered their machines vulnerable to a host of other viruses.

Details of the two-year FBI investigation called Operation Ghost Click were announced in New York when a federal indictment was unsealed. Officials also described their efforts to make sure infected users’ Internet access would not be disrupted as a result of the operation.

Beginning in 2007, the cyber ring used a class of malware called DNSChanger to infect approximately 4 million computers in more than 100 countries. There were about 500,000 infections in the U.S., including computers belonging to individuals, businesses, and government agencies such as NASA.

The thieves were able to manipulate Internet advertising to generate at least $14 million in illicit fees. In some cases, the malware had the additional effect of preventing users’ anti-virus software and operating systems from updating, thereby exposing infected machines to even more malicious software.

DNSChanger was used to redirect unsuspecting users to rogue servers controlled by the cyber thieves, allowing them to manipulate users’ web activity. When users of infected computers clicked on the link for the official website of iTunes, for example, they were instead taken to a website for a business unaffiliated with Apple Inc. that purported to sell Apple software. Not only did the cyber thieves make money from these schemes, they deprived legitimate website operators and advertisers of substantial revenue.

The six cyber criminals were taken into custody yesterday in Estonia by local authorities, and the U.S. will seek to extradite them. In conjunction with the arrests, U.S. authorities seized computers and rogue DNS servers at various locations. As part of a federal court order, the rogue DNS servers have been replaced with legitimate servers in the hopes that users who were infected will not have their Internet access disrupted.

DNS—Domain Name System—is a critical Internet service that converts user-friendly domain names, such as www.techtaffy.com, into numerical addresses that allow computers to talk to each other. Without DNS and the DNS servers operated by Internet service providers, computer users would not be able to browse websites or send e-mail.

You can find the FBI press release here.

Updated: 06.02.2017

Just in

Series E

Vercel raises $250M

San Francisco-based Vercel, a frontend cloud platform provider, has secured $250 million in Series E funding, bringing the company's valuation to $3.25 billion.
Series A

Worky raises $6M (Mexico)

Mexico City-based Worky, a provider of HR and payroll software solutions for Mexican companies, has closed a $6 million Series A financing round.
Industry

Amazon announces $1.31B investment in France

Amazon has announced a new investment of about $1.31 billion (€1.2 billion) in France, which the company says will lead to the creation of over 3,000 permanent jobs in the country.
Around the web

Amazon Web Services CEO Adam Selipsky to step down — CNBC

Adam Selipsky, CEO of Amazon’s cloud computing business, will step down from his role next month. Matt Garman, senior vice president of sales and marketing at Amazon Web Services, will succeed Mr. Selipsky after he exits the company June 3, writes Annie Palmer. 
AI

Palo Alto Networks, Accenture expand alliance to offer generative AI services

Palo Alto Networks and Accenture have announced the expansion of their strategic alliance to provide new offerings that combine Palo Alto Networks' Precision AI technology with Accenture's secure generative AI services.